Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: FXnw/QR8D0WA8XJnTpzafipYLvsvDy9G8zyFKh09HkI=
Subject key identifier: 13:6B:08:82:5E:95:76:5A:AD:AD:A9:9E:19:D7:0B:45:4A:07:F4:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C0A86E08CAE007CD598216AAFAD9676D95B6161
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Mon 14 Jul 2025 15:40:17 +0000
ROA not before: Mon 14 Jul 2025 15:40:17 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:0a:86:e0:8c:ae:00:7c:d5:98:21:6a:af:ad:96:76:d9:5b:61:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:17 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=7f39bd3d5940910e9ce9d4851d0c7943c36190f9e4e038d34a75f379c08a5430, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:69:a8:02:cf:1d:8f:2f:9e:58:0a:41:94:02:
fb:4a:65:50:7a:37:c5:95:62:64:cb:a9:0c:cf:9a:
c2:62:ab:a6:0b:8a:d7:f8:87:cd:d1:5d:71:c7:8a:
2d:da:96:77:ec:09:66:36:13:b6:dd:23:89:fe:a5:
af:93:f4:08:74:74:75:e9:6c:31:a5:d6:3b:2a:85:
70:05:84:16:67:4c:90:58:99:dc:e5:e6:da:9e:8d:
b7:5a:82:b7:7d:7a:d6:bf:64:31:04:dc:8b:17:73:
75:bd:f7:6d:e3:cb:07:af:1f:bb:0f:79:7e:0d:35:
55:9f:a9:e4:60:f8:f3:92:aa:6e:15:38:ca:94:8b:
a1:5e:24:9a:e3:c9:95:72:41:a5:d0:f6:11:14:87:
1e:ee:73:13:15:cf:da:31:e6:9e:07:3a:b0:4f:6e:
b2:23:bf:6c:05:4b:25:50:17:0a:91:a6:57:ae:53:
1f:b1:3d:b0:3f:51:13:62:23:a9:12:74:07:1d:f3:
31:82:68:35:8b:69:c8:62:21:56:12:04:d9:74:5c:
11:c2:5e:df:e2:3d:09:79:d5:b9:8a:8b:fc:da:08:
b6:68:c8:0e:d6:d4:1c:9c:bc:69:2a:68:96:15:ca:
84:d1:63:ec:3e:b8:9a:f2:f3:0d:90:40:5d:ee:97:
a3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6B:08:82:5E:95:76:5A:AD:AD:A9:9E:19:D7:0B:45:4A:07:F4:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:7c:4c:b0:ea:5c:a6:29:09:7a:9a:bb:d6:e5:9f:9f:3f:7a:
da:2d:83:de:65:75:6f:fb:b9:a3:3f:b7:c9:61:61:62:32:b9:
96:da:79:f7:11:4c:01:68:1d:39:63:f4:6e:7d:74:72:bc:06:
c5:1c:15:70:b8:06:ed:03:2c:60:d6:bb:99:06:ca:22:d3:c9:
27:bd:b7:50:c4:6d:15:6c:82:58:be:76:a3:47:be:5d:8a:29:
42:09:d0:ea:05:3f:ef:04:f6:26:d4:21:5f:a4:24:ec:55:1f:
eb:68:06:0b:11:3d:ea:7f:81:5e:da:6b:a1:8e:39:db:e9:ed:
fd:78:aa:ce:44:31:09:58:bd:5f:b1:5f:00:2e:1a:73:d7:75:
24:fa:d3:59:a0:85:bf:d2:19:a7:dd:ab:56:51:13:f9:d7:57:
7a:f7:f5:3e:a4:ad:49:87:ab:d5:89:d3:4c:c5:d5:c3:90:84:
6c:a0:88:41:99:9c:df:81:d7:67:40:12:c9:78:ad:c7:69:71:
c1:e5:4e:7e:b1:99:cf:de:9f:6c:c1:d8:da:02:af:39:3a:89:
2f:ea:1a:41:47:3f:dc:ed:1b:9a:8d:ae:25:83:e4:54:5c:ca:
83:55:50:70:a2:ac:78:3e:0d:a2:f0:bd:e4:3a:50:7e:26:40:
d4:e6:24:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTAqG4IyuAHzVmCFqr62WdtlbYWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMTdaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMzliZDNkNTk0MDkxMGU5Y2U5ZDQ4NTFkMGM3OTQzYzM2MTkwZjllNGUw
MzhkMzRhNzVmMzc5YzA4YTU0MzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1pqALPHY8vnlgKQZQC+0plUHo3xZViZMupDM+awmKrpguK1/iHzdFdcceK
LdqWd+wJZjYTtt0jif6lr5P0CHR0delsMaXWOyqFcAWEFmdMkFiZ3OXm2p6Nt1qC
t3161r9kMQTcixdzdb33bePLB68fuw95fg01VZ+p5GD485KqbhU4ypSLoV4kmuPJ
lXJBpdD2ERSHHu5zExXP2jHmngc6sE9usiO/bAVLJVAXCpGmV65TH7E9sD9RE2Ij
qRJ0Bx3zMYJoNYtpyGIhVhIE2XRcEcJe3+I9CXnVuYqL/NoItmjIDtbUHJy8aSpo
lhXKhNFj7D64mvLzDZBAXe6Xow0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQTawiC
XpV2Wq2tqZ4Z1wtFSgf0gDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQBmfEyw6lymKQl6mrvW5Z+fP3raLYPeZXVv+7mjP7fJ
YWFiMrmW2nn3EUwBaB05Y/RufXRyvAbFHBVwuAbtAyxg1ruZBsoi08knvbdQxG0V
bIJYvnajR75diilCCdDqBT/vBPYm1CFfpCTsVR/raAYLET3qf4Fe2muhjjnb6e39
eKrORDEJWL1fsV8ALhpz13Uk+tNZoIW/0hmn3atWURP511d69/U+pK1Jh6vVidNM
xdXDkIRsoIhBmZzfgddnQBLJeK3HaXHB5U5+sZnP3p9swdjaAq85Ookv6hpBRz/c
7Ruaja4lg+RUXMqDVVBwoqx4Pg2i8L3kOlB+JkDU5iT1
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:50:26 2025 by rpki-client